4 Testaments for Data Protection

‘Data’ is the only common currency that makes the world go around, be it science, technology, finance, defense, communication, medicine, you name it. The advent of this decade has made it so indispensable that there has never been such a strong bond between an intangible input and a tangible outcome in the history of time. With the age of computing propelling the pace of a seamless development of cross platform interfaces from mobiles, tablets, computers to cloud, it is bound to shape the future of things to come. While information is the true protagonist of our times, it is important to remember our responsibility to ensure utmost protection to the same, making it devoid of misuse, theft or misinterpretation. While data protection should top your priority list, it shouldn’t have to come at the cost of sacrificing the core business objectives. By practicing the following, the information security can be streamlined with ease:

Be aware of your data location:

Take into account an inventory of where your data is channelized. Considering information is not stored in a central location anymore, track it down through every interface, be it a mobile, a tablet, a server, a computer or a laptop. This would aid you to make a note on who has access to corporate data, if you can monitor or control access to the data and also if data can be securely disposed. In addition to knowing the data location, equally important is to identify the sensitivity and confidentiality of the data. The centrally located data should be always classified into segregated data repository based upon their confidentiality and sensitivity.

Look beyond theft:

If you think theft is the only source of threat, think again. Loss or damage posed by disaster or accidents is to be taken to account too. This makes a thorough back- up architecture which enables quick recovery and business continuity is essential. Ensure a strict chain of custody protocols by rotating tapes off- site of a regular basis and make sure your off- site storage location is safe and stable. However, this could be a tricky situation. There is a reverse correlation between the availability and confidentiality of the data. While it’s important to plan recovery and business continuity, the balance has to maintained while planning the availability. The key here is to plan a tightly knitted access control for the back ups and archived data.

Don’t forget the papers:

Records maintained on papers and files need to be protected too. Remember that inherent risks stem out of inadequate processes and information mismanagement which requires you to have enough time and team members to tackle problems at all times. This calls for a professional records storage and management solution which continually helps addressing security concerns. In today’s information centric world, the key treasures could be found in trashes. Proper measures should be taken to shred the key documents before they are disposed. It needs to be made sure that 2 way protection is applied for printing any document and collecting them.

Be careful on the Cloud:

Remember that while the Cloud enhances transparency, reduces cost, minimizes maintenance and propels agility, information on the same is forever at risk at that deployable magnitude. Make sure to either not have such classified information on the Cloud or have cutting- edge technology that takes meticulous care of disaster- recovery. Also, footprints left on cloud can act as a trail course for intruders and can be used to exploit any sensitive data.

Iranna Hurakadli heads the Identity and Access Governance practice at Happiest Minds Technologies Pvt. Limited. He brings in more than 17 years of experience in the area of Identity & Access Management and Data Security. He has done end-to-end large IAM implementations for large enterprises across the globe. His areas of strong expertise is in Architecting/Presales/Consulting/Practice Building in IAM, SSO, Access Governance, Privileged Account Management etc.

Iranna Hurakadli
Iranna Hurakadli heads the Identity and Access Governance practice at Happiest Minds Technologies Pvt. Limited. He brings in more than 17 years of experience in the area of Identity & Access Management and Data Security. He has done end-to-end large IAM implementations for large enterprises across the globe. His areas of strong expertise is in Architecting/Presales/Consulting/Practice Building in IAM, SSO, Access Governance, Privileged Account Management etc.